Identification/Authentication Techniques
Certainty as Probability
When an individual's claims of identity and privilege are verified in a truly reliable way, that identification is authoritative. The practical value of any identification/authentication scheme, however, generally exists in one of three states:
- certain and unambiguous (deterministic)
- certain based on a low probability of error (probabilistic)
- uncertain and ambiguous and therefore (for all practical purposes) false.
Unfortunately, a biometric attribute is not necessarily unambiguously permanent, so all biometric schemes are probabilistic. Design and implementation steps that can reduce the likelihood of an error are essential to orderly deployment of the technology. Biometric techniques are most reliable and effective when used as an authenticating technique as part of a multiple-factor scenario. For example, if an individual makes a claim of identity at the bank with his or her name, and that claim is supported (authenticated) by a biometric identifier, the probability of error is very low. Errors are much more likely to occur where the system must figure out on its own (identify) who an individual is.
Biometric Identification
Biometric identification is a sophisticated variation on a token-based, single-factor security scheme. In this case, the token is some physical attribute of the person—fingerprint, iris, retina, face, vein pattern, etc. Biometric identification systems typically follow three high-level processing steps. First, the system must acquire an image of the attribute through an appropriate scanning technique. (Specific techniques are described in greater detail below.) Once the scanned content is acquired, it must be localized for processing purposes. During this step, extraneous informational content is discarded and minutiae are isolated and turned into a template, a sort of internal canonical form for matching attributes stored in a database. Minutiae are the uniquely differentiating characteristics of the biometric attribute. Whorls and loops and their relationship to one another on a fingerprint are an example of the minutiae that might be extracted. Finally, templates stored in the database are searched for a match with the one just presented. If a match is found, the identification is a success and the succeeding steps of the security process can begin.

Figure: Biometric Identification Process
Biometric Authentication
Biometric authentication virtually eliminates the risk of anonymity in a two-factor security scenario by using a physical attribute of the person to authenticate a token. The process is similar to biometric identification. First, the requestor presents a token to assert identity. For example, an ATM or credit card is inserted into a reader. (A number encoded on the card is actually the token; the card is more like a container for the token, but treating the card as a token is appropriate.) As with identification, the system must acquire an image of the personal attribute. Second, the attribute must be localized, minutiae extracted, and a matching template created. Finally, the value of the token is used to look up the template previously stored for this individual. If it matches the template presented on this occasion, the requestor is authenticated.

Figure: Biometric Authentication Process
Limitations of Identification and Authentication
Whether biometric technology is used for identification or authentication, its main limitation is that it uses probabilistic techniques for matching. This means that every case includes some margin for error. In daily practice, false rejections are considered more acceptable than false acceptances. (More on these matters is included elsewhere under Assessment.)
Generally, biometric authentication schemes are much more reliable and efficient than pure identification schemes. This is mainly because the identification template only has to be matched once to authenticate whereas it may need to be matched against thousands, or tens of thousands of records to identify someone. Performance of identification systems is a technical matter that requires the developers' specific attention.
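The difference between matching once and matching against every record can be shown with a small simulation. This is an added example, not part of the original text: the bit-string templates, the 0.32 distance threshold, the `card-NNNN` tokens, and the per-comparison false-match rate are all constructed assumptions.

```python
import random

TEMPLATE_BITS = 256   # constructed template size (assumption)
THRESHOLD = 0.32      # assumed maximum fractional Hamming distance for a match
ASSUMED_FMR = 1e-4    # assumed false-match rate of a single comparison

def distance(a: int, b: int) -> float:
    """Fractional Hamming distance between two bit-string templates."""
    return bin(a ^ b).count("1") / TEMPLATE_BITS

def noisy_sample(template: int, flips: int, rng: random.Random) -> int:
    """Simulate a fresh scan of the same person: a few bits differ."""
    for pos in rng.sample(range(TEMPLATE_BITS), flips):
        template ^= 1 << pos
    return template

def authenticate(db: dict, token: str, probe: int) -> bool:
    """1:1 matching: the token selects the single template to compare."""
    stored = db.get(token)
    return stored is not None and distance(stored, probe) <= THRESHOLD

def identify(db: dict, probe: int):
    """1:N matching: search every record, accept the closest if under threshold."""
    best = min(db, key=lambda k: distance(db[k], probe), default=None)
    if best is None or distance(db[best], probe) > THRESHOLD:
        return None
    return best

def false_match_probability(fmr: float, n: int) -> float:
    """Chance that at least one of n independent comparisons falsely matches."""
    return 1.0 - (1.0 - fmr) ** n

def build_demo(n_records: int = 1000, seed: int = 7):
    """Constructed database, a genuine re-scan of card-0042, and an unenrolled person."""
    rng = random.Random(seed)
    db = {f"card-{i:04d}": rng.getrandbits(TEMPLATE_BITS) for i in range(n_records)}
    probe = noisy_sample(db["card-0042"], flips=30, rng=rng)
    stranger = rng.getrandbits(TEMPLATE_BITS)
    return db, probe, stranger

if __name__ == "__main__":
    db, probe, stranger = build_demo()
    print("authenticate card-0042:", authenticate(db, "card-0042", probe))
    print("identify genuine probe:", identify(db, probe))
    print("identify unenrolled:   ", identify(db, stranger))
    for n in (1, 1000, 10000):
        print(f"records={n:>5}  P(false match)={false_match_probability(ASSUMED_FMR, n):.4f}")
```

With the assumed per-comparison rate, a single authentication comparison carries that rate alone, while a search over ten thousand records is more likely than not to produce at least one false match unless the threshold is tightened.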
Normally, any images captured during these processes are discarded once the template has been derived. From the point of view of end-user concern, none of the biometric data can be used to reconstruct an image of the attribute—fingerprint, iris, retina, etc. Also, the database storage requirements are quite modest when the images are not stored. The algorithms used to process images can be extraordinarily arcane, however, and system administrators may be presented with fairly complicated configuration options.
Established Technologies
The current state of biometric identification technology includes numerous options, some capable of production use, others still emerging and not yet reliable or cost-effective enough for common deployment. Several approaches have entered the technical mainstream, though biometric identification has yet to cross the chasm into mass-market acceptance. Several technical approaches have gained common acceptance as capable and reliable.
Emerging Technologies
Identifying an individual using genetic patterns, while quite reliable and authoritative, remains a time-consuming scientific process and is generally reserved for forensic purposes because it is invasive and requires highly specialized equipment and expertise. This is rapidly changing, however, and technology is emerging that will allow investigators to conduct rapid DNA analysis quickly enough to be used at an actual crime scene. Even human scent identification is available as yet another, though currently quite arcane, technology. The rate of change in technology guarantees that what seems impossibly complex today can become practical, even a practical necessity, in just a few short years. The following technologies show mainstream promise:
| Fingerprint | Fingerprint identification techniques fall into two major categories—Automated Fingerprint Identification Systems (AFIS) and fingerprint recognition systems. AFIS is typically restricted to law-enforcement use. Fingerprint recognition derives a unique template from the attributes of the fingerprint without storing the image itself or even allowing for its reconstruction. Fingerprint recognition for identification acquires the initial image through live scan of the finger by direct contact with a reader device that can also check for validating attributes such as temperature and pulse. Since the finger actually touches the scanning device, the surface can become oily and cloudy after repeated use and reduce the sensitivity and reliability of optical scanners. Solid state sensors overcome this and other technical hurdles because the coated silicon chip itself is the sensor. Solid state devices use electrical capacitance to sense the ridges of the fingerprint and create a compact digital image, so they are less sensitive to dirt and oils. Fingerprint recognition is generally considered reliable enough for commercial use, and some vendors are already actively marketing readers as part of Local Area Network login schemes. |
| Hand Geometry | The essence of hand geometry is the comparative dimensions of fingers and the locations of joints. One of the earliest automated biometric systems, Identimat, installed at the Shearson-Hamill investment bank on Wall St. during the late 60s, used hand geometry and stayed in production for almost twenty years. Some systems perform simple, two-dimensional measurements of the palm of the hand. Others attempt to construct a simple three-dimensional image from which to extract template characteristics. In one of the most popular descendants of the Identimat, a small digital camera captures top and side images of the hand. Reference marks on the platen allow calibration of the image to improve the precision of matching. |
| Retinal Scan | Retinal recognition creates an "eye signature" from the vascular configuration of the retina, an extremely consistent and reliable attribute with the advantage of being protected inside the eye itself. An image of the retina is captured by having the individual look through a lens at an alignment target. Diseases or injuries that would interfere with the retina are comparatively rare in the general population, so the attribute normally remains both consistent and consistently available. |
| Voice | Voice recognition techniques are generally categorized according to two approaches—Automatic Speaker Verification (ASV) and Automatic Speaker Identification (ASI). Speaker verification uses voice as the authenticating attribute in a two-factor scenario. Speaker identification attempts to use voice to identify who an individual actually is. Voice recognition distinguishes an individual by matching particular voice traits against templates stored in a database. Voice systems must be trained to the individual's voice at enrollment time, and more than one enrollment session is often necessary. Feature extraction typically measures formants or sound characteristics unique to each person's vocal tract. The pattern matching algorithms used in voice recognition are similar to those used in face recognition. |
| Iris | Iris scanning is less intrusive than retinal recognition because the iris is easily visible from several feet away. Responses of the iris to changes in light can provide secondary verification that the iris presented as a biometric factor is genuine. Though empirical tests with the technology will improve its reliability, it appears quite promising and even practical for many applications, especially two-factor scenarios. While some of the technical issues of iris scanning seem pedestrian, they present implementation challenges. A careful balance of light, focus, resolution, and contrast is necessary to extract the attributes or minutiae from the localized image. While the iris seems to be consistent throughout adulthood, it does vary somewhat up to adolescence. |
| Face/Facial Thermogram | Face recognition technology is still in its early stages, and most tests and applications have been run against relatively small databases. The similarity score produced by each comparison determines the match—the highest score wins. Acquisition for biometric identification purposes requires the individual's face to be presented to a video camera. An evident deficiency in some current schemes is the ability to fool or confuse some systems with makeup. A facial thermogram works much like face recognition except that the image is captured by way of an infrared camera, and the heat signature of the face is used to create the biometric template used for matching. This is more reliable than simple imaging. The U.S. Army Research Laboratory conducted the FERET Database Evaluation Procedure in Sept. of 1996 comparing various technologies and algorithms side by side. While the results are promising and some approaches yielded impressive results, this technology is still considerably less reliable than some alternatives. As is the case with other technologies, practical usefulness increases dramatically in a two-factor scenario. |
| Hand Vein | Hand vein recognition attempts to distinguish individuals by measuring the differences in subcutaneous features of the hand using infrared imaging. Like face recognition, it must deal with the extra issues of three-dimensional space and the orientation of the hand. Like retinal scanning, it relies on the pattern of the veins in the hand to build a template with which to attempt matches against templates stored in a database. The use of infrared imaging offers some of the same advantages as hand geometry over fingerprint recognition in manufacturing or shop-floor applications where hands may not be clean enough to scan properly using a conventional video or capacitance technique. |
| Signature | While a signature is not strictly biometric, it is a simple, concrete expression of the unique variations in human hand geometry. Forensic experts have developed criteria over the years for verifying the authenticity of a signature. Automating this process allows computer automation to take the place of an expert in looking for unique identifying attributes. In addition to the general shape of the signed name, a signature recognition system can also measure both the pressure and velocity of the point of the stylus across the sensor pad. (Keystroke dynamics is a variation on this technique that measures the typing rates and intervals.) Signatures, however, are difficult to model for variation, as is the reliability of these systems, especially when compared with other simpler alternatives. |
